The US Senate Intelligence Committee has approved a bill designed to ‘encourage’ private companies to share data with the American government.
The move comes despite jitters from privacy campaigners, who fear the potential misuse of this data by both the government, and private companies.
The controversial Cybersecurity Information Sharing Act, otherwise known as CISA, is designed to rework how the US government and private businesses and organisations exchange Internet users’ confidential information.
The bill is raising serious concerns among privacy campaigners, due to its vague language and a range of privacy and Internet freedom issues. They fear it could, in fact, broaden the data collecting powers of the NSA and similair agencies.
Therefore if it passes into law, it could have a major impact on areas including privacy, corporate liability, freedom of information and national security. But the lawmakers argue that it is the best way to encourage more co-operation between the government and private companies, in an effort to strengthen the overall cyber defences of American organisations.
The bill has now been approved by the US Senate Intelligence Committee, in a 12-3 vote. It is authored by the committee’s chairwoman, Dianne Feinstein, a Democrat, and Vice Chairman Saxby Chambliss, a Republican.
“Cyber attacks present the greatest threat to our national and economic security today, and the magnitude of the threat is growing,” Feinstein told Reuters. “This bill is an important step toward curbing these dangerous cyber attacks.”
The CISA bill must be approved by the full Senate, but it has bipartisan support so is likely to get enough support. It also needs to be reconciled with similar legislation that passed the House of Representatives in April.
The bill apparently authorises companies and individuals to monitor their own and consenting customers’ networks for hacking. They can then voluntarily share cyber threat data, without any personally identifiable information, with the government and each other for cybersecurity purposes.
And CISA is a two way street, as the US government would also be required to increase the amount of information it shares with private firms.
The bill is being opposed by privacy campaigners. “A new cybersecurity bill poses serious threats to our privacy, gives the government extraordinary powers to silence potential whistleblowers, and exempts these dangerous new powers from transparency laws,” said the American Civil Liberties Union.
“The bill would create a massive loophole in our existing privacy laws by allowing the government to ask companies for ‘voluntary’ cooperation in sharing information, including the content of our communications, for cybersecurity purposes,” it added. “But the definition they are using for the so-called “cybersecurity information” is so broad it could sweep up huge amounts of innocent Americans’ personal data.”
The bill is also opposed by the Electronic Frontier Foundation. “It’s the fourth time in four years that Congress has tried to pass ‘cybersecurity’ legislation. Unfortunately, the newest Senate bill is one of the worst yet,” it said.
“Cybersecurity bills aim to facilitate information sharing between companies and the government, but they always seem to come with broad immunity clauses for companies, vague definitions, and aggressive spying powers. This fatally flawed bill must be stopped.”
Are you a pedant on privacy? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…